Information Security Project Manager

Georgia  ‐ Onsite
This project has been archived and is not accepting more applications.
Browse open projects on our job board.

Keywords

Description

Information Security Project Manager

Skills: information security Project Manager, operations and risk management; working knowledge of information security technologies, web technologies, Microsoft Office applications and SharePoint; design/implement information security solutions

Summary:

Our client is in need of an Information Security Project Manager. In this role you will work with the internal departments, external partners, and vendors on supporting enterprise information security posture and providing assessments, protections, reporting and professional consultation on information security policies and compliance requirement. The ideal candidate will have 5-6 years in risk management and remediation efforts, can draft advisory documents, and can speak in regards to and understand business process and procedures. This candidate should also have an IT infrastructure background, and understand threats and vulnerability efforts, and be familiar with GRC systems. Client ready to interview candidates the week of November 26.

Responsibilities:

  • Leads Business Unit security initiatives, programs and projects
  • Responsible for all aspects of planning and documentation of information security and infrastructure related projects or initiatives, from original concept through final implementation.
  • Audits security controls for Routers, Switches and Firewalls to protect company and customers data
  • Ensures delivery of regular reports and documentation of actions taken for process improvement, trend analysis, audit, regulatory and legal purposes.
  • Maintain and support Incident Response Protocols as required by process or management
  • Investigates potential data theft and/or intrusions to/from McKesson internal infrastructure and end points.
  • Provides consultation to other departments on information security trends and mitigation techniques as per information security best practices and regulatory compliance requirements.
  • Interfaces with MPT IT Risk Leader, compiling reports, analysing security policies for potential incidents and communicates the findings.
  • Collaborates with Line of Business technical teams for security posture, issue resolution and mitigation, and performing documentation review and improvement.
  • Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration, or denial of access to information.
  • Reviews and analyses vulnerability scan reports, recommends remediation steps
  • Recommends/takes action to direct the analysis of and solution to problems, may provide technical/analytical guidance to project teams.
  • Manages the integration of vendor tasks, and tracks and reviews vendor project deliverables
  • Organizing and managing task groups/project teams in a cross functional Matrix environment with many stakeholders, with and without formal authority.
  • Requires achieving challenging deadlines in a cost-regulated environment.
  • Can involve scope creep and significant change during project implementation.
  • May involve periods of personal stress.
  • Some travelling may be required.
  • Expected to obtain in depth knowledge of ISO 27001 standards and certification process, and other regulatory standards as needed.
  • Recommends incident investigation and mitigation steps including the planning and implementation of information security related projects at all stages. May recommend solutions to technical and logistical problems, and provide analytical guidance to other teams.

Qualifications:

  • 5+ years of related experience, designing, planning and implementing information technology and information security solutions
  • 4+ years experience in information security operations and risk management
  • In-depth knowledge of security controls for one or few major enterprise networking and Firewalling technologies
  • Working knowledge of information security technologies, web technologies, Microsoft Office applications and SharePoint
  • Exposure to other Infrastructure components, particularly with Windows Active Directory, Exchange, File and Print sharing, Systems Management/Monitoring, Disaster Recovery, VMware ESX and SAN technologies
  • Combination of infrastructure administration, information security incident handling and infrastructure projects management
  • End-user Security Training
  • HIPAA experience is preferred
  • ICARE
  • Network, Security, or Platform certification(s) (CISSP, Security+, Network+, formal ISO27001 training, etc.
  • Experience implementing technologies to support HIPAA requirements (encryption, logging, data protection and transfer)
  • Experience with security threat analysis and vulnerability assessments.
  • Technical and operational experience with monitoring, network, and security technologies that include but are not limited to the following: Firewalls, Web Secure Gateways, Vulnerability Scanning Tools, DLP, Intrusion Detection (IDS/IPS), host based security agents, and VPNs.
  • Understanding of security vulnerability management methodologies, remediation planning and prioritization.
  • Knowledge of one or more risk and vulnerability assessment methodologies.
  • Ability to recommend, and implement changes to procedures to protect data from future attacks.
  • Strong analytical and research skills with great attention to detail.
  • Excellent communication skills, both written and oral. Excellent documentation skills.
  • Outstanding organizational and time management skills.
  • Group or individual project management.
  • Experience analysing business information security requirements and converting them into project implementation plans.
  • Experience and understanding of infrastructure elements and hardware and how they tie together with application solutions.

Benefits:

As an Agile consultant, you'll gain many of the advantages and benefits of being a direct hire, while experiencing the flexibility of consulting. It's the best of both worlds! Our IT consultants enjoy a wide array of benefits including: medical, dental, 401K, life insurance, Employee Assistance Program and more.

Start date
ASAP
Duration
6 month + contract
(extension possible)
From
AGILE
Published at
30.11.2012
Project ID:
455279
Contract type
Freelance
To apply to this project you must log in.
Register